React-Native is exciting, and certainly helps a lot, but building big apps for it is not "easy" yet (big lists are a problem that I'm currently experiencing)

Falcor may be a better idea than GraphQL for simple data. Strong focus on the latter in the conference.

Overall I had a great time, though I guess I realized again how big the React ecosystem is getting. I'm interested in React, React-Native, and both client and server-side technologies, but I came expecting way more web front-end related content, and was kind of surprised by the strong focus on React-Native and GraphQL.

Will definitely be back next year.

Other stuff talked about at some point to check (in no particular order):

Morning sessions

James Halliday (@substack) talked about his proposal allowing users to cache webapps for offline use, using Application Cache and a module he created, hyperboot for that, and also talked about forkdb, to store and allow to sync data between those applications.

Charlie Robbins talked about dependencies static analysis, and about of how to create multi-dimensional graphs to get some informations like checking how many modules are vulnerable to shellshock, knowing which node modules are oudated (npm-outdated)

Justin Meyer started his talk by asking 4 questions:

Do you use a module loader

Do you document every module

Do you test every modules

Do you code review everything?

He created a JavaScript Project Checklist. His advice was that checklists, while obvious, really helped keeping project quality, ensuring that good practices were followed.. and in general, awesome.

Domenic Denicola presented JSDOM, a project which is a reimplementation of the DOM (and more) for node.js (and more). They plan on contributing to W3C web platform tests.

Afternoon Sessions

Julien Lecomte, YUI's tech lead, and the one who decided to stop all new developments on it, talked about what's next for Yahoo : Embrace new standards, especially ES6. He talked about how Yahoo plans to introduce a free service to use polyfills. He also presented FormatJS.

Angus Croll, in his talk A book nerd's guide to JavaScript, first said this:
"JS is to Java as the eiffel tower is to the Montparnasse Tower": Montparnasse is practical, useful and mind-numbingly boring, while the Eiffel Tower is a nonsensical work of genius.

He continued saying that anyway, in JavaScript, at one time or another everything has been considered harmful, and that if you listen everyone, you can't to anything. On the other hand, literature is about exploring the entire language. What sets JS apart from other languages is options, open minds keep JavaScript fun.

He wrote a book called If Hemingway wrote JavaScript which sounded great - I ordered it.

Mike McNeil, in his talk Pulling the plug, talked about a solution to complement functions and make them more capable of describing themselves and handling custom error states. More information at http://node-machine.org/

John David-Dalton (@jdalton)'s talk was called A Shimblance of Success and was about shims. The contrast with Julien Lecomte's presentation was interesting, as the main message here was that shimming is not a silver bullet (non obvious side effects, may change over time, not everything can be implemented) and that "libraries are liberating": lodash, for example, offers functionalities that do not depend on shims, and can also in some case give better performance, or be more convenient that native functions (callback shorthands, faster array search, shortcut fusion)

He is for keeping a library layer in apps.

Soledad Penades (@supersole) talked about Tools for the 21st century musician, contained in Web Audio, since the audio tag isn't able to do a lot of things when it's about generating sound or scheduling events. Web audio is fully controllable with a js api, interoperable with other web api, not attached to the DOM and runs in a separate thread. It can do a LOT of things (including modifying audio). She ended her talk by presenting her project OpenMusic.

Joe McCann talked about Tuning node. He told the audience to not make v8 think in order to get better performance in node and presented ways to do this by to enhance node performance by by avoiding complex code behaviours, setting flags in v8, including a trick to avoid having jump instructions in v8's generated assembly code, and adding C++ code.

Paul O'Shannely presented React through the ages, explaining why the framework was born, how it evolved, what problems it tries to solve and where it is going

Yehuda Katz ended the day by presenting Don't die - A guide to Indie OSS, explaining how to Stay healthy as an OSS project:

He also explained that an OSS project must try to "play the long game", like Ember did by betting early on promises. He told the merits of diversity for the better evolution of a framework, saying it was better to avoid any major lead (=== benevolent dictatorship). The contrast between this vision, used for Ember, and what AngularJS is doing is really impressive.

At the end of the day

This dotJS was the best one. More technical than the first one but less specific and more inspirational than the second one, it was an amazing day, and I wish it lasted longer. Once again, I'll definitely be back next year.

]]>I was, on November 14th 2014, at the first edition of dotCSS, a conference by dotConferences, also responsible for dotJS (which was 3 days later), dotScale, dotGo, the future dotSwift and the one-shot discontinued dotRB.

Long story short: dotCSS was a good conference, which clearly found its audience, since the

]]>http://blog.codeheroics.com/dotcss/966518b9-5047-4b29-b596-e72157a6024fWed, 19 Nov 2014 00:49:08 GMTI was, on November 14th 2014, at the first edition of dotCSS, a conference by dotConferences, also responsible for dotJS (which was 3 days later), dotScale, dotGo, the future dotSwift and the one-shot discontinued dotRB.

Long story short: dotCSS was a good conference, which clearly found its audience, since the venue was quite full, but did not find its sponsors, which led to the reduction of its duration (from a day to an afternoon) and a dramatic lack of dotCSS T-shirts.

The absence of big sponsors is also probably the reason why no 2015 edition was announced (when dotJS 2015 already is): basically, only Google helped a bit. Since there were plans for combos tickets this year, I can only assume that dotCSS's future is uncertain.

I won't detail each and every talk, but here's what I'll remember from dotCSS:

Morning sessions

Daniel Glazman, co-chairman of the W3C CSS Working Group, gave a talk explaining CSS' various problems, and how hard it seems to be for it to move forward while trying to reach good compromises on browser vendors needs and priorities. For example, he mentionned the infamous difficulty to vertically center elements of CSS, and talked about how hard it was to even name properties.

Kaelig Deloumeau-Prigent talked about his work at The Guardian to bridge the gap between developers and designers. Sass, and especially clearly named variables, allow better understanding for both developers and designers of how front-end elements are thought and standardized throughout the project. His idea was to put the design at the center of the project.

Lightnings talks

Maxime Thirouin summed up what was basically the feeling of the whole conference : "We love CSS, but it's frustrating". That it still has (without preprocessors) no variables, math, customization... which is why he is building cssnext, to get the next standardized features now.

Victor Brito told all web devs to put more efforts to make the web accessible

Afternoon sessions

Hugo Giraudel, in his talk Keep calm and write Sass, talked about how preprocessors are used to bridge the gap between the simple beginnings of CSS to style webpages and the complex web applications it must now give style to.

Estelle Weyl talked about less-known things CSS can do, like counting with counter, then about selectors specificities in her CSS? WTF! talk, which ended with notes about how to (not) use !important and how to override it with CSS animation quirks.

Nicolas Gallagher talked about scalable CSS, and how, in a large company like Twitter, the whole UI has to be designed in order to avoid having developers stepping on each other's toes.

Bert Bos, co-creator of CSS, talked about typography, giving clear examples of the challenges linked to it, which may or may not be fixed with CSS. For example, quotes are different in French, English, Dutch ; punctuation and style can be different (spaces before ! and ? in French, not English), so is it possible to markup in a consistent way text?

Ana Tudor (@thebabydino), the last speaker, showed a series of neat demos about distribution, creating fun shapes with CSS/Sass. Her neat demos are on Codepen.

And that's it for dotCSS!

It'd be a shame if the conference does not return. Perhaps if it was part of dotJS (or a dotHTML or something like that) as a 2-days event, part of it could survive?

]]>After a great first edition, dotJS came back this year, leveling up its venue to become "The largest JavaScript conference in Europe".

For starters, a few words about the organisation of the conference : The first talks started at 10:30, which is quite late, and finished at around 19:15.

]]>http://blog.codeheroics.com/dotjs-2013/014180ef-3f90-4812-a70e-e893d2ba35feTue, 31 Dec 2013 11:36:25 GMTAfter a great first edition, dotJS came back this year, leveling up its venue to become "The largest JavaScript conference in Europe".

For starters, a few words about the organisation of the conference : The first talks started at 10:30, which is quite late, and finished at around 19:15. The hour of the end of the conference was not stated clearly, which was a bit problematic for some expecting it'd end earlier (checking my mails, I realize though that they did announce that the after-party would start at 19:30), and a lot of time during the conference was given to participants for networking (two 45 minutes breaks and a two hour lunch break). It's not my first dotConference so I expected it, but I still feel those breaks are too long, and would like to have more (or longer) talks instead.

I have no complains, however, on the absence of explicit schedule for the talks, as I feel it's nice to not know what's coming next... even if it was quite obvious that Brendan Eich was going to end the day!

As for the venue, the Théâtre de Paris was bigger than last years' Théâtre des Variétés, but... there is still not a lot of space for legs when sitting on the seats of those Paris theaters, so even though the venue's bigger, you couldn't feel it that much.

Quick summary of the speakers and the talks (each talk being 20 minutes long) :

Addy Osmani talked about Polymer, and about tools to work efficiently like Yeoman

Hongli Lai talked about how to make node.js deployment enjoyable and presented the tool his team is developing, Phusion Passenger

Nicolas Belmonte talked about "growing a language for graphics", in a quite complicated talk about operator overloading

Dave Methvin, lead of the jQuery Core team, talked about JavaScript performance

Guillermo Rauch talked about "the need for speed" and the importance of reactive to user inputs in optimistic ways (changing the layout in the style of the next page even before getting data, like what Google does when we start typing a request)

James Burke talked about EcmaScript 6 modules. The most complicated talk of the day.

Nicolas Geoffray talked about Dart. He was replacing Lars Bak and his talk was, after a nice but lengthy anecdote, mostly a standard introduction of the language

Alex Sexton talked about "practicing safe script". Favorite quote of the day about security : "You have no hope, you should give up!". Special mention for Evercookie and "don't mess with XSS".

Pamela Fox talked about making JS more learnable. While it was a nice presentation, I do regret that what was said was not specific to JavaScript, but more about the hardships of learning how to code

Brendan Eich, finally, closed the conference talking about Mozilla, the Web, JavaScript performances and future (ES7), GPU programming beyond WebGL, the Extensible Web Manifesto, and of course, told everyone's favorite anectode about how JavaScript was designed in 10 days and suddenly became a product.

That sums it up!

I actually have mixed feelings about dotJS this year.

I liked it. I liked being there, the speakers were all interesting people and most of them gave good presentations. Having Brendan Eich present was amazing for the second edition of the conference.

but...

This dotJS was in my opinion inferior to the first one, despite the more technical focus.

The lack of a technical focus was one of the main problems last year, and dotJS clearly aimed at fixing that problem. Yes, but a lot of the time was used to talk about technical stuff around JavaScript (TypeScript, Dart, WebGL), not about JavaScript. In that regard, I feel that last year had at least two good sessions (unicode in JS and WTFJS) which made us dive into the code. I missed the live coding.

At the other end of the spectrum, I also kind of missed the TED-like talks of last year. Yes, I know that dotJS 2012 was light on the JS side, but it was what made it special. If dotJS continues with the same focus, I don't think there'll be again a talk like last year's What's the open source and why do I feel so guilty about it, and that's a shame because it was great.

I realize there's a contradiction in what I'm saying. I don't know, maybe what I want is some kind of magical unicorn riding on a rainbow, but I hope for another conference, a generic "dotWeb", in which, like in dotJS 2012, awesome people could come on stage to talk about what they're passionate about, even if it's not what they are known for. Talks like Pamela Fox's (interesting, but not specific to JavaScript) probably could fit better in that magical conference. And conferences like dotJS and dotGo could focus on their languages.

So I guess what I'm trying to say is this : In my opinion, dotJS 2012 was a better conference, even if dotJS 2013 was perhaps a better JavaScript conference.

Anyway, practice makes perfect, so I guess dotConferences will strive to organize an even better dotJS next year. Even if it's a conference which has its flaws, I wouldn't want to miss it.

]]>

Second day of the ZendCon Europe! Like for the first day, I'll sum up in this post "my" conference, meaning the sessions and keynotes I saw, chronologically from my notes.

Keynote - Moving to the Cloud & Services: The Microsoft Case

Second day of the ZendCon Europe! Like for the first day, I'll sum up in this post "my" conference, meaning the sessions and keynotes I saw, chronologically from my notes.

Keynote - Moving to the Cloud & Services: The Microsoft Case

... Going to write just what wrote in my notebook during the conference...

Essentially : "Roles are evolving, we need to do more continuous deployment/integration/etc! And look, we've got tools to do that! Windows Azure! Visual Studio Online! Come to the Dark Side, we have cookies!"

Except they were victims of the demo effect. And it was overall pretty boring.

Compose this!

A session about Composer! I never worked directly with the tool, but I've recently worked mostly with node.js so I know npm, and Composer is basically npm for PHP (or is it the other way?)

The session was about everything around Composer: Specifying versions, the ability to specify the minimum stability needed for a package, conditional dependencies, dev dependencies, autoloading, class maps...

Not anything revolutionary, but a nice introduction nevertheless.

Refactoring 101

I went to see a talk about refactoring! No magical recipes were given here but I found the session dynamic, and reassuring, as it's always good to be able to assert that what we try to put in practice every day is the good thing.

It was also a reminder that refactoring is something to do at all times, and that while we're doing it, no functionality in the code should be modified, even if it's often quite tempting!

Security : Dealing with other’s nightmares

A session about security!

It started with a fun analogy about the Internet, to explain why everyone, not just Google or Facebook, is a potential target and needs to care about security : "The Internet is a parking lot: a thief will just go for the first car door which opens, not necessarily for the prettiest car". The point was that some (automated) attackers just try to see "if the door opens", and if it doesn't, go try another website.

Indeed, the whole talk was about the security risks on the web (more generally than just PHP related), with various bits of information, including:

The fact that there are publicly available lists of bad IP ranges to ban to avoid attacks by bots

The necessity to be careful not to attract attackers, by not letting things such as phpinfo, changelogs and default installation files being available on servers

The necessity to avoid weak passwords and stuff like the default admin/admin combination (or 00000000)

The fact that just blacklisting user-agents from some bots could work

The fact that some backdoors, drive by downloads problems could be discovered just by having an anti-virus installed

The talk concluded with this : While PHP is our friend, some of its features should be disabled or configured appropriately (like allow_url_fopen, open_basedir, display_errors), and that PHP has buddies to help, like suhosin.

Opcache explained

This was actually an UnCon session, which were sessions in which anyone could talk. Julien Pauli was the one who talked there, and he presented what the OPcache was, why it was useful (because what PHP does by default is compile, execute, then forget what was just compiled), and in what situations the opcode generated by PHP could be optimized by the Zend Optimizer which is was integrated in PHP 5.5.

It was an interesting talk (even if I can't very well explain it in other ways that "the opcode gets optimized! Then is cached!") so I'm glad I noticed this talk was organized, as none of the three sessions at the same time in the schedule interested me.

Beyond PHP: it is not (just) about the code!

This talk had a set objective to be an "eye-opener" for developers which always have their nose in the code.

While it may be a bit exaggerated, it was indeed a good talk, which showed with examples how working applications could suddenly start to have problems because of factors external to the code.

3 main examples were given:

A DB problem (the replication of a database becoming slow)

A network problem due to too much data being transferred from the DB to the application while not much of it was really being used (SELECT *)

Another network problem, due to a file_get_contents getting external resources. Since PHP's default timeout for this is 60 seconds, it's quite problematic not to get an answer for all this time... (Plus that example also had problems with the code).

Finally, we were warned about I/O bottlenecks in case of excessive reads and writes, and warned about NFS.

Final keynote: The evolution of Devops

My favorite part of that talk was in the beginning. Not because it was bad, but because of what the speaker, Davey Shafik explained: When people asked him what he was doing for a living, his answer wasn't "making web pages", but "building the Internet". I like that job description :)

Anyway, this final keynote was about the evolution of the jobs of PHP developers as devops, with a job that extends more and more with the management of data in the cloud and continuous integration and deployment.

I was quite satisfied by the ZendCon Europe and would totally recommend it, even if it's a bit pricey.

If anything, I wish the talks would've focused a bit more on other frameworks and tools - Symfony and Zend Framework may dominate the enterprise market, but it seems that Laravel's adoption is skyrocketing, and there are other tools (CakePHP, CodeIgniter, FuelPHP...) which deserve to be mentioned and represented.

On a personal viewpoint, it was my first PHP conference and I must say that it was kind of amazing. Everything, from the venue to the speakers was top-level, and I definitely learned a lot and got motivated to continue to work with PHP, even though I've been more professionally engaged with JavaScript these last few months.

]]>

It's a bit late to talk about it now but I finally found time to organize my notes about the first edition of the ZendCon Europe which took place on November 19th-20th.

The conference was an attempt to reproduce in Europe the ZendCon conferences which have been ongoing for more

It's a bit late to talk about it now but I finally found time to organize my notes about the first edition of the ZendCon Europe which took place on November 19th-20th.

The conference was an attempt to reproduce in Europe the ZendCon conferences which have been ongoing for more than 10 years in the USA, and are "the place to be" for PHP developers, where you can meet and listen to some of the greatest international experts on PHP.

This first edition of ZendCon Europe was a bit pricey (around 540€ with taxes) for a two days event (3-days if you count the tutorial sessions on the 18th), but you could feel were the money went seeing the amazing venue, all-star line-up of speakers, loot (I love my red elePHPant) and even an awesome after-party.

I'll sum up in this post "my" conference, meaning the sessions and keynotes I saw, chronologically from my notes.

Opening keynote (Andi Gutmans)

The conference started by an opening keynote by Andi Gutmans, who talked of the state of PHP and of Zend, the company, inviting on stage other speakers to detail their work.

The most impressive of what was shown was for me Apigility, a micro-framework made by the Zend Framework team which as for objective to allow the quick design of APIs.

Other notable thing, the focus on continuous deployment and devops. They talked about recent improvements of the Zend Server for continuous deployment, but also, for people who don't have such servers, that they have released their blueprints for continuous delivery on zend.com/blueprints

Simple APIs with ZF2 - Apigility

After the first keynote, I changed my plans: I had initially planned to watch the talk Vagrant, puppet & chef for beginners, but I wanted to know more about Apigility, so I instead went with this talk.

I learned that Apigility was a dev tool, available via composer (zf-apigility-skeleton), and that it was opinionated: Only JSON is supported (too bad, XML), allows to version via URLs or http headers, proposes a way to cleanly handle errors, authentications, to paginate, to restrict the used HTTP methods...

Long story short: it is the tool I wanted to test the most quickly after getting out of the conference, as it seemed like some hard API work I've done before was re-created effortlessly using this.

There's a module for that

I confess, I didn't read correctly the presentation of this talk, and did not understand that it would talk about ZF2 modules. I also thought it would be a presentation of cool modules.

Keynote - The future of PHP in enterprises

The session started speaking generally about that both Zend Framework and Symfony were frameworks which intended to "push PHP to the next level"

Andi Gutmans talked about the Zend Framework, explaining that it was a collection of best practices for enterprise scale adoption, but that "while it's nice enterprises are using the Zend Framework, it's not needed" for Zend as a company, as they have a whole environment and are interested in PHP beyond their own framework.

Fabien Potencier reacted to this, stating strongly that he does care about people adopting Symfony, and that he wants more and more projects to adopt it, because he thinks more projects working together will lead to better quality (while I think he has a point, isn't having competition always important for innovation?)

Zeev Suraski was the next on to talk, telling that Zend did care about the adoption of their framework, just that it was not necessary for them. He then talked about how applications were going from being "API-enabled" to "API-first", with the rise of single page applications, and that the work on the server wasn't going away. He continued stating that "in some use cases, something like node.js makes sense, but for most use cases, PHP is the best tool"

Fabien Potencier agreed with what Suraski said, noting that Symfony 2 has a big focus on HTTP. He continued saying that the many years of PHP development made it the best for the backend, and that his opinion was that the PHP processes cycle (processes created then dying at the end of their execution) were in his opinion one of the best things about PHP.

Andi Gutmans then called PHP the visual basic of the web, since everyone, from the script kiddie to the computer science graduate, can use it at various levels. Indeed, Fabien Potencier separated the PHP world into 2 communities: The "low-end" community ("guys maintaining a Wordpress"), and the people using it for professional uses, using ZF or Symfony. He continued saying that PHP had small components which allowed people to start small, but at some point people had to choose : creating simple websites, or "grow up" and learn OOP, MVC, etc. In his opinions, learning PHP was simple, and that was something which was unique about it.

Talking about using PHP as a language to be put on other platforms, Andi Gutmans told that it didn't make sense for them to try to make PHP as an universal language (for desktop applications, for example), but Fabien Potencier countered, saying that if they wanted companies to use PHP, and since companies usually settle for a single language, "PHP should be good enough for everything". While I do not believe that PHP will get there (JavaScript's the most likely candidate those days as an universal language), I do think the opinion's interesting.

Next was a reminder that there was an agreement that PHP 5.x from now should not break anything big nor need any big migrations from now on. If something''s broken from a version to another, then it means we'll have a new major PHP version (aka PHP 6), or that they'd have "a damn good reason".

Was also mentioned the fact that those PHP companies sell support for the unsupported versions of PHP, since big companies sometimes do not want / can not migrate to new versions due to too big costs. The current PHP releases cycles states that after release, a version is supported for 2 years for bug & security fixes, then one additional year only for security fixes. Fabien Potencier, as the maker of Symfony, which has longer support cycles, wondered if PHP's cycles weren't a bit too short.

And that was it for this great keynote!

Dependency Injection

After the big keynote, I assisted to a session about dependency injection. It was actually quite nice, and the speaker, Rob Allen, was really a great.

So I learned that "dependency injection enables loose coupling, and loose coupling makes the code more maintainable".

I found myself reminded that dependency injection was a complex named linked to a quite simple design pattern that most probably use naturally. Coincidentally, it was something told in the talk - that design patterns were only shorthands, thought by clever people... which is why they get so complicated names.

So quite a simple concept covered here, but as I wrote in my notes, "Great talk!"

Practical design patterns in PHP

This talk, by Hugo Hamon and Julien Pauli, covered a few design patterns and gave concrete examples of their uses, as the two speakers wrote code for an e-commerce application.

The talk started with an explanation of the SOLID principle, then a few design patterns were covered.

I didn't take many notes during this talk but it was interesting seeing the authors show us how they use some design patterns in real life examples.

The session ended with the recommendation of two books to dig deeper: Martin Fowler's Patterns of Enterprise Application Architecture, and Head first into design patterns.

Building Scalable PHP Applications Using Google’s App Engine

Google has recently added PHP to the list of languages supported by Google App Engine, and they presented their platform.

PHP for App Engine is a PHP fork which is quite opinionated (among other things, "no write on the file system") and doesn't cover all of PHP's features (at the time of the conference, there was no support for curl, and there was no PHP5.5)

Still, the presentation wasn't bad as the advantages of the App Engine were discussed... and it ended with developers being given a huge discount on App Engine credit.

So that session was mostly a commercial stunt... But at least, it was better executed that what Microsoft did the next day when they showcased Windows Azure.

End of the day!

So here ended my first day at the ZendCon Europe, which was quite a good day! And the evening got even better since the after party involved a privatized arcade center. Everyone who played it as a child should get as an adult a chance to finally finish Time Crisis 2!

]]>This post is not about setting up a blog which will turn into an evil spirit scaring people away, but about setting a blog using Ghost, a brand new shiny blog platform which was successfully kickstarted at the beginning of the year and which recently released its first public version,]]>http://blog.codeheroics.com/setting-up-my-ghost-blog/2f930947-3c72-4109-b7ae-445563d17cd5Sun, 17 Nov 2013 14:41:44 GMTThis post is not about setting up a blog which will turn into an evil spirit scaring people away, but about setting a blog using Ghost, a brand new shiny blog platform which was successfully kickstarted at the beginning of the year and which recently released its first public version, the 0.3.1.

As I'm interested in hosting my own blog (as opposed to using Medium), setting up Ghost was a nice way to avoid the boring old solutions (hello Wordpress). As for the installation, this Ghost is hosted on a Kimsufi server. It uses node.js, and I used this opportunity to learn how to setup a nginx server, both for node.js and the static pages at the root of Agbonon.fr.

Doing the setup of the whole thing was kinda fun. When the whole thing finally went live, I removed the default theme and used one called Ghostium.

Writing this first post after the setup, I like the philosophy of Ghost, being a blogging platform designed to be content-focused: the edition area is really quite nice, and writing with Markdown is easy when used to Github.

Overall it was fun and seems nice enough, now the only thing left is to find things to write here :)